query different LDAP Group DN

Question

Hi, 
&nbsp;  
&nbsp; I've a question regarding a syntax for quering an LDAP tree for users with different 
&nbsp; Group DNs in a LDAP webauthentication (reverse proxy) on a Big IP virtual server. 
&nbsp;  
&nbsp; The old apache web server configuration for this was very simple and looked like this: 
&nbsp;          require group ou=group1,o=member 
&nbsp;          require group ou=group2,o=member 
&nbsp;  
&nbsp; In the BigIP LDAP configuration settings (Local Traffic -&gt; Authentication Configurations) I have only the possibiliy to set on Group DN not two. Or am I wrong? 
&nbsp;  
&nbsp; How can I search for an users in two different Group DN's 
&nbsp;  
&nbsp;  
&nbsp; Regards 
&nbsp;  
&nbsp; Ralf 
&nbsp;  
&nbsp;

semperfiguy_759 · Answer

Did you ever get an answer or figure this out? I have the same issue.

rfroehling_7678 · Answer

I got the answer from F5-Support, that it isn't possible to query different Group DNs: 
&nbsp; "When you configure the LTM for a LDAP authentication, you can only configure on DN entry. That's why you have to choose the parent DN of the users groups and not try to set the users groups DNs themselves. 
&nbsp; I would also suggest you read the following document : 
&nbsp; https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_sol_guide_943/sol_app_auth.html" &nbsp;

Forum Discussion

query different LDAP Group DN

Recent Discussions

Diameter iRules attachment?

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Use of SSL Decryption.

Related Content

gtm sync group different software version

Certified Kubernetes Administrator - Study Group

Intermediate iRules: Data-Groups

iRuleLX Solution for OAUTH JWT authenticated Salesforce Query

VLAN Group and Asymmetric Deployment

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS